Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
File: e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa (raw, json)
Hash identifier: M6tYTjcMa0XVGJo7OhY4lQ4BSuAffal5t0co12ewwDo=
Subject key identifier: CF:89:D4:9B:A1:97:97:8F:63:46:98:86:FA:E6:B9:C2:C2:C7:6C:5C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7BAD1FEBEEA3B04796BBFDDB3491E2B14C96154F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
Signing time: Tue 05 Aug 2025 19:30:19 +0000
ROA not before: Tue 05 Aug 2025 19:30:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:ad:1f:eb:ee:a3:b0:47:96:bb:fd:db:34:91:e2:b1:4c:96:15:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 19:30:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4a4439c911a6bb69673fcfd80412c19e57f6d15846b893b8a92b5a42e37c20f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:56:91:9a:c7:52:db:04:a6:bf:70:05:61:
50:16:27:23:a6:de:78:6f:cb:1d:56:cc:dd:c6:45:
86:64:bb:81:a0:05:14:b5:c3:a1:cd:16:f9:ee:7d:
fe:2b:3b:ff:c2:c4:c2:de:77:d0:50:e4:57:a2:24:
eb:26:93:e8:b0:84:de:f4:c3:2f:f6:ca:c1:9f:8c:
96:91:80:05:53:ce:58:47:c5:09:6a:c2:56:60:91:
7b:bc:f8:32:82:04:f2:d6:37:7b:c9:f4:ae:aa:e3:
8e:70:12:de:39:e0:27:a7:d8:49:e1:7c:26:f9:48:
04:6c:68:ba:66:af:6c:91:02:44:47:ee:41:4a:bf:
23:35:0f:bb:53:57:7f:a3:51:03:77:b7:5d:1a:15:
b4:fa:e4:dc:0b:e6:3e:6e:00:89:ea:7b:09:c8:cd:
65:be:4c:3c:37:a7:e2:1a:77:03:4b:71:c2:f7:7d:
74:35:09:16:d0:45:b4:61:1f:ec:a2:87:dd:e4:ba:
f0:37:13:5d:89:42:c8:16:6b:cc:fe:97:89:48:20:
87:ed:cf:6e:a8:c5:93:cf:41:5e:1e:43:5f:4d:1a:
29:8f:f5:65:15:57:b8:58:a3:b9:4c:86:69:8c:8a:
48:88:98:98:45:36:37:b8:d0:ee:c1:dc:19:40:65:
1c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:89:D4:9B:A1:97:97:8F:63:46:98:86:FA:E6:B9:C2:C2:C7:6C:5C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e931caa9-ca4e-428a-aa3c-3af36efafc8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c040::/48
Signature Algorithm: sha256WithRSAEncryption
8b:11:25:0b:58:73:b1:f1:4e:fc:3a:10:0a:cf:83:86:59:41:
60:3b:f1:ae:39:34:85:b3:8e:04:44:0c:3c:94:e8:99:18:6e:
0b:15:2b:02:77:1f:ab:d9:71:66:c0:2d:21:8f:73:df:05:f4:
2b:48:41:3b:e1:d9:98:8e:84:39:79:3e:1f:fa:a0:09:85:54:
4d:e6:d3:7b:03:a6:3c:38:be:68:3a:d4:92:d4:78:f5:dc:75:
6d:6a:8f:b2:b4:35:e7:43:04:11:16:3b:4e:94:43:5a:e2:fa:
01:d2:4c:9c:48:bc:f5:bb:2d:b2:1e:30:41:2c:fa:02:cc:01:
f2:44:3b:01:d8:3b:7b:b5:e7:78:2d:da:2b:e9:2c:21:d9:b2:
84:54:2e:ff:da:dc:d0:aa:d1:23:8f:b5:c8:2e:17:43:8a:3f:
84:3b:9d:bc:2b:cc:f3:cc:50:01:e2:a5:25:ca:36:61:d9:87:
1c:4c:87:d1:e0:84:e2:ba:f8:24:59:63:a2:c4:3c:09:9b:31:
4e:b9:e8:fb:cc:a2:02:27:36:0a:ea:fc:9e:f9:52:f8:be:16:
fc:71:ac:50:fd:88:60:bd:03:4b:1d:cb:28:24:bb:67:45:bc:
c4:68:26:18:8a:3a:e0:8e:b9:29:ba:a5:6b:e9:83:53:7e:ae:
ba:78:52:02
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUe60f6+6jsEeWu/3bNJHisUyWFU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUxOTMwMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNDQzOWM5MTFhNmJiNjk2NzNmY2ZkODA0MTJjMTllNTdmNmQxNTg0NmI4
OTNiOGE5MmI1YTQyZTM3YzIwZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpFVpGax1LbBKa/cAVhUBYnI6beeG/LHVbM3cZFhmS7gaAFFLXDoc0W+e59
/is7/8LEwt530FDkV6Ik6yaT6LCE3vTDL/bKwZ+MlpGABVPOWEfFCWrCVmCRe7z4
MoIE8tY3e8n0rqrjjnAS3jngJ6fYSeF8JvlIBGxoumavbJECREfuQUq/IzUPu1NX
f6NRA3e3XRoVtPrk3AvmPm4Aiep7CcjNZb5MPDen4hp3A0txwvd9dDUJFtBFtGEf
7KKH3eS68DcTXYlCyBZrzP6XiUggh+3PbqjFk89BXh5DX00aKY/1ZRVXuFijuUyG
aYyKSIiYmEU2N7jQ7sHcGUBlHEUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPidSb
oZeXj2NGmIb65rnCwsdsXDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTkzMWNhYTktY2E0ZS00MjhhLWFhM2MtM2FmMzZlZmFmYzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ADA
QDANBgkqhkiG9w0BAQsFAAOCAQEAixElC1hzsfFO/DoQCs+DhllBYDvxrjk0hbOO
BEQMPJTomRhuCxUrAncfq9lxZsAtIY9z3wX0K0hBO+HZmI6EOXk+H/qgCYVUTebT
ewOmPDi+aDrUktR49dx1bWqPsrQ150MEERY7TpRDWuL6AdJMnEi89bstsh4wQSz6
AswB8kQ7Adg7e7XneC3aK+ksIdmyhFQu/9rc0KrRI4+1yC4XQ4o/hDudvCvM88xQ
AeKlJco2YdmHHEyH0eCE4rr4JFljosQ8CZsxTrno+8yiAic2Cur8nvlS+L4W/HGs
UP2IYL0DSx3LKCS7Z0W8xGgmGIo64I65Kbqla+mDU36uunhSAg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:51:47 2025 by rpki-client